Artificial truth

archives | latest | homepage | atom/rss/twitter

The more you see, the less you believe.

Snuffleupagus 0.7.1 - Proboscideans
Mon 02 August 2021 — download

snuffleupagus logo

I just published a new release of Snuffleupagus, the hardening module for php7+ and php8+, the version 0.7.1, codename "Proboscideans", named after the taxonomic order of the Elephants.

No impressive or groundbreaking new features, but a maintenance release: more stable, and with fewer bugs.

Changelog

  • Fixed possible memory-leaks when hooking via regular expressions
  • Modernise the code by removing usage of strtok
  • Prevent a possible crash during configuration reloading
  • Fix the default rules to catch dangerous chmod calls
  • Improve compatibility with various libpcre configurations/versions
  • Improve the default rules' compatibility with php8
  • Prevent XXE in php8 as well
  • Improve a bit the verbosity of the logs
  • Add a rules file for php8

As usual, if you want to help, we have some low hanging fruits

See you in your PHP stack!